Following the recent security issue Sony BMG caused with using rootkit technology, a US Department of Homeland Security official has warned that if software distributors decide to continue selling products with harmful rootkit software, new laws or regulation would come next to stop this activity. In Sony BMG's case, they were forced to recall millions of its affected discs due to the security risk it caused.
More recently, F-Secure revealed that Alpha-DVD used rootkit like technology in a German DVD release, which resulted in DVD writer problems on some PCs, not to mention a potential security risk where malicious software could also use its stealth technology to hide from anti-virus products. As rootkit based software gives the ability to hide software without the user's knowledge (particularly if no uninstaller is offered either), chances are that more companies are going to give it a try in a hope that their version turns out more successful and DHS is worried that further attempts of using rootkit based software may result in more serious consequences.
DHS has already warned copyright holders last November to be careful of how they go about protecting their discs, since these should not introduce other security problems, particularly without the user's knowledge of how their PC's security may be affected. While DHS does not have the ability to implement the regulation of dangerous rootkit software, they are aiming to increase awareness of the rootkit problems to try and help embarrass the labels. Thanks to mrdataNY for letting us know about the following news:
|
Though the DHS has no ability to implement the kind of regulation that Frenkel mentioned, the organization is attempting to increase industry awareness of the rootkit problem, he said. "All we can do is, in essence, talk to them and embarrass them a little bit," Frenkel said. In fact, this is not the first time the department has expressed concerns over the security of copy protection software. In November, the DHS's assistant secretary for policy, Stewart Baker, warned copyright holders to be careful of how they protect their music and DVDs. "In the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days," Baker said, according to a video posted to The Washington Post Web site. |
Even if rootkit technology is outlawed, chances are that this will not stop the record or movie labels from using other drastic measures to protect their discs. For example, even though Sunncomm's MediaMax technology does not use rootkits, until recently their software installed without any user warning and could not be uninstalled easily either, since no uninstallation tool was included. On the other hand, any company who continues to use rootkit technology for now will be taking quite a serious gamble as we can see what happened with Sony BMG and Alpha-DVD (although with less consequences).
mrdataNY added: It's about time that the people we elect to look out for us actually starting to do exactly that.
Source: Computer World - Security
